{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,14]],"date-time":"2026-02-14T13:19:59Z","timestamp":1771075199648,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":25,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540397236","type":"print"},{"value":"9783540397250","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2006]]},"DOI":"10.1007\/11856214_5","type":"book-chapter","created":{"date-parts":[[2006,9,16]],"date-time":"2006-09-16T03:12:21Z","timestamp":1158376341000},"page":"81-105","source":"Crossref","is-referenced-by-count":116,"title":["Paragraph: Thwarting Signature Learning by Training Maliciously"],"prefix":"10.1007","author":[{"given":"James","family":"Newsome","sequence":"first","affiliation":[]},{"given":"Brad","family":"Karp","sequence":"additional","affiliation":[]},{"given":"Dawn","family":"Song","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"5_CR1","doi-asserted-by":"crossref","unstructured":"Barreno, M., Nelson, B., Sears, R., Joseph, A.D., Tygar, J.D.: Can machine learning be secure? In: ASIA CCS (March 2006)","DOI":"10.1145\/1128817.1128824"},{"key":"5_CR2","doi-asserted-by":"crossref","unstructured":"Brumley, D., Newsome, J., Song, D., Wang, H., Jha, S.: Towards automatic generation of vulnerability-based signatures. In: IEEE Symposium on Security and Privacy (2006)","DOI":"10.1109\/SP.2006.41"},{"key":"5_CR3","doi-asserted-by":"crossref","unstructured":"Costa, M., Crowcroft, J., Castro, M., Rowstron, A.: Vigilante: End-to-end containment of internet worms. In: SOSP (2005)","DOI":"10.1145\/1095810.1095824"},{"key":"5_CR4","unstructured":"Crandall, J.R., Chong, F.: Minos: Architectural support for software security through control data integrity. In: International Symposium on Microarchitecture (December 2004)"},{"key":"5_CR5","doi-asserted-by":"crossref","unstructured":"Crandall, J.R., Su, Z., Wu, S.F., Chong, F.T.: On deriving unknown vulnerabilities from zero-day polymorphic and metamorphic worm exploits. In: 12th ACM Conference on Computer and Communications Security (CCS) (2005)","DOI":"10.1145\/1102120.1102152"},{"key":"5_CR6","doi-asserted-by":"crossref","unstructured":"Dalvi, N., Domingos, P., Mausam, Sanghai, S., Verma, D.: Adversarial classification. In: Tenth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD) (2004)","DOI":"10.1145\/1014052.1014066"},{"key":"5_CR7","unstructured":"Kim, H.-A., Karp, B.: Autograph: toward automated, distributed worm signature detection. In: 13th USENIX Security Symposium (August 2004)"},{"key":"5_CR8","doi-asserted-by":"crossref","unstructured":"Kreibich, C., Crowcroft, J.: Honeycomb - creating intrusion detection signatures using honeypots. In: HotNets (November 2003)","DOI":"10.1145\/972374.972384"},{"key":"5_CR9","unstructured":"Li, Z., Sanghi, M., Chen, Y., Kao, M.-Y., Chavez, B.: Hamsa: fast signature generation for zero-day polymorphic worms with provable attack resilience. In: IEEE Symposium on Security and Privacy (May 2006)"},{"key":"5_CR10","doi-asserted-by":"crossref","unstructured":"Liang, Z., Sekar, R.: Fast and automated generation of attack signatures: A basis for building self-protecting servers. In: 12th ACM Conference on Computer and Communications Security (CCS) (2005)","DOI":"10.1145\/1102120.1102150"},{"key":"5_CR11","first-page":"285","volume":"2","author":"N. Littlestone","year":"1988","unstructured":"Littlestone, N.: Learning quickly when irrelevant attributes abound: A new linear threshold algorithm. Machine Learning\u00a02, 285\u2013318 (1988)","journal-title":"Machine Learning"},{"key":"5_CR12","doi-asserted-by":"crossref","unstructured":"Littlestone, N.: Redundant noisy attributes, attribute errors, and linear-threshold learning using winnow. In: Fourth Annual Workshop on Computational Learning Theory, pp. 147\u2013156 (1991)","DOI":"10.1016\/B978-1-55860-213-7.50017-1"},{"key":"5_CR13","doi-asserted-by":"crossref","unstructured":"Lowd, D., Meek, C.: Adversarial learning. In: Eleventh ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD) (2005)","DOI":"10.1145\/1081870.1081950"},{"key":"5_CR14","unstructured":"Newsome, J., Brumley, D., Song, D.: Vulnerability-specific execution filtering for exploit prevention on commodity software. In: 13th Symposium on Network and Distributed System Security (NDSS 2006) (2006)"},{"key":"5_CR15","doi-asserted-by":"crossref","unstructured":"Newsome, J., Karp, B., Song, D.: Polygraph: Automatically generating signatures for polymorphic worms. In: IEEE Symposium on Security and Privacy (May 2005)","DOI":"10.1109\/SP.2005.15"},{"key":"5_CR16","unstructured":"Newsome, J., Song, D.: Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In: 12th Annual Network and Distributed System Security Symposium (NDSS) (February 2005)"},{"key":"5_CR17","unstructured":"delusive (definition). In Oxford English Dictionary. Oxford University Press, Oxford (2006)"},{"key":"5_CR18","doi-asserted-by":"crossref","unstructured":"Perdisci, R., Dagon, D., Lee, W., Fogla, P., Sharif, M.: Misleading worm signature generators using deliberate noise injection. In: IEEE Symposium on Security and Privacy (May 2006)","DOI":"10.1109\/SP.2006.26"},{"key":"5_CR19","unstructured":"Ramin, Y.: ATPhttpd, http:\/\/www.redshift.com\/~yramin\/atp\/atphttpd\/"},{"key":"5_CR20","unstructured":"Sidiroglou, S., Locasto, M.E., Boyd, S.W., Keromytis, A.D.: Building a reactive immune system for software services. In: USENIX Annual Technical Conference (2005)"},{"key":"5_CR21","unstructured":"Singh, S., Estan, C., Varghese, G., Savage, S.: Automated worm fingerprinting. In: 6th ACM\/USENIX Symposium on Operating System Design and Implementation (OSDI) (December 2004)"},{"key":"5_CR22","doi-asserted-by":"crossref","unstructured":"Staniford, S., Moore, D., Paxson, V., Weaver, N.: The top speed of flash worms. In: ACM CCS WORM (2004)","DOI":"10.1145\/1029618.1029624"},{"key":"5_CR23","doi-asserted-by":"crossref","unstructured":"Suh, G.E., Lee, J., Devadas, S.: Secure program execution via dynamic information flow tracking. In: ASPLOS (2004)","DOI":"10.1145\/1024393.1024404"},{"key":"5_CR24","unstructured":"Tang, Y., Chen, S.: Defending against internet worms: A signature-based approach. In: IEEE INFOCOM (March 2005)"},{"key":"5_CR25","doi-asserted-by":"crossref","unstructured":"Xu, J., Ning, P., Kil, C., Zhai, Y., Bookholt, C.: Automatic diagnosis and response to memory corruption vulnerabilities. In: 12th Annual ACM Conference on Computer and Communication Security (CCS) (2005)","DOI":"10.1145\/1102120.1102151"}],"container-title":["Lecture Notes in Computer Science","Recent Advances in Intrusion Detection"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/11856214_5.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,17]],"date-time":"2020-11-17T14:43:19Z","timestamp":1605624199000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/11856214_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2006]]},"ISBN":["9783540397236","9783540397250"],"references-count":25,"URL":"https:\/\/doi.org\/10.1007\/11856214_5","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2006]]}}}